Online Banking Safety Tips for Windows users

With the ease of banking, the Internet also brings a load of trouble if you are not aware of procedures and tricks used by cybercriminals. There are many methods using which, they can get access your bank accounts online. Popular methods are Hacking, Social EngineeringIdentity Theft and Phishing. This article offers some online banking safety tips so that you can be on your guard.

Online Banking Safety Tips

The most used method among cybercriminals is social engineering and phishing. They try to befriend you and then ask you for your bank details. Remember that no banking company requests your banking ID and password in any case.

The first tip, among the five online banking safety tips, is you should run away when encountering questions like what is your customer ID – on the phone, in person or an email.

Talking of Phishing, criminals may send customized emails asking you to click a link to update your details like address, etc. Such attacks are known as Spear Phishing. They might send you an email saying you need to update details and provide a link in the email. If you click the link, you are taken to a look-alike site, and thus you lose your login credentials to scammers. If you receive any email asking you to update your bank details, just ignore them. If you are doubtful, call up the bank and ask them if the email originated from them.

In short, you should ignore all communications – emails, phones, person to person, etc. – that ask for your banking credentials. DO NOT CLICK LINKS in emails seemingly originating from banks.

Almost all banks provide two-factor authentication methods. Make sure you are using the facility. It is for your own good. If you have to choose from a number of authentication methods, go for One Time Password (OTP) method. You’ll be sent a PIN to your registered mobile phone as the second authentication whenever you want to log in.

3] Avoid Public Computers and WiFi

Important among the online banking safety tips is to avoid public WiFi and especially, public computers. By public computers, I mean Internet Cafes and library computers. Public WiFi at coffee places, railway stations, and waiting lounges at airports, etc. are good for time pass, but they cannot stop hackers from peeking into your computers remotely. Never use Public Computers and Public WiFi for online banking purpose. That will help you keep your bank information safe.

If you are using WiFi, you are at a greater risk, as the dangers of using a Public or Free WiFi are much higher. You need to protect yourself much more against hackers who may hijack your data connections to know what you are doing. All they need is a simple device that is easily available on the Internet and elsewhere. Read our article on how to stay safe when on public WiFi.

4] Change Password Frequently

While a bank says you should keep changing the banking password frequently, I know it is hard to come up with uncrackable passwords every three or six months. It is hard to remember them. Personally, though I use a password manager, I haven’t authorized it to save my banking password or transaction password.

Whether you change the passwords or not, keep it unique and strong… and something that you can remember. Do not use it elsewhere so that even if something like LinkedIn is compromised, cyber criminals cannot use the same password to access your bank online. Likewise, avoid storing the password in password managers – be they local or cloud based. You don’t know when one of them might be compromised. I am not saying password managers are not trustworthy, but few things are better saved in your brain memory and nowhere else.

5] Check the URL in the address bar

Always check the URL in the address bar of your browser, after the web page is fully loaded. is it the site you want to visit?

Moreover, If it displays a lock icon or https, then it is a ‘secure’website.

6] Check your last login date and time

If there is a feature that sends you an SMS or text whenever you log into your bank online, use it. That will give you a notification and will be useful in case anyone tries to log into your bank using the Internet.

If the feature is not available, you can manually see when you last logged in. If you find any irregularities with the login date and time, or even in the summary of transactions, immediately lock down your account and inform the bank.

7] Use a good security software

Use a good Internet Security Suite, which is always updated with the latest definitions. Some security software opens your browser in a special protected mode and also offers an on-screen keyboard so that no keylogger or hacker can log your password keystrokes when they detect a financial website. If you can use a VPN software, even better. And yes, goes without saying – keep your Windows 10/8/7 OS and your web browser up-to-date at all times.

Once you have completed your banking transactions, always remember to log out.

Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.

4 Comments

“Never use Public Computers and Public WiFi for online banking purpose.”

I travel for months at a time every year, and I always have to bank online at some point and have never suffered for it. Sure, nothing is 100% and I will agree that it’s safer to do online banking using your or your company’s secure connection… but I think even an open WiFi is “safe enough” — making the author’s blanket warning ‘overblown’? How can I say this?

People access their banks online using one of two means: browser or bank app.

1. Browser – Access to any bank account website this day and age is via HTTPS — so data sent is encrypted right before transmission and data received is decrypted right after transmission. Anyone snooping over an unsecured connection will just read gibberish. If HTTPS encryption itself is a security issue, then we have a far, far bigger issue on hand: the entire worldwide web itself!

2. Bank App – Your bank app is designed to encrypt data similar to (1) above.

Really, the thing to guard against is “man-in-middle” attack. But that’s a whole different issue because if your device itself is compromised (e.g. keylogger surreptitiously installed), then you may well have a critical security issue where the type of internet connection — secured or not secured — is actually irrelevant. Once the keylogger records (and transmits) the password you had just typed…

But if I am missing something — that neither HTTPS nor bank apps can help an unsecured WiFi connection, please post.

It is known that the authentication by biometrics usually comes with poorer security than PIN/password-only authentication. The following video explains how biomerics makes a backdoor to password-protected information.https://youtu.be/5e2oHZccMe4